The problem Mr. Howe describes is fundamental, folks: encryption should be end-to-end even when the endpoints are functionaries in a company. Because not all employees are equal.
So yes Alice at ABC.COM sends mail to Bob at XYZ.COM and the SMTP link is encrypted, so the bored upstream-ISP netops can't learn anything besides traffic analysis. But once inside XYZ.COM, many unauthorized folks could intercept Bob's email. Access Control is sorely lacking folks. Link encryption is a good idea, but rarely sufficient.

At 01:20 PM 10/1/02 +0100, David Howe wrote:
>at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann
><[EMAIL PROTECTED]> was seen to say:
>> For encryption, STARTTLS, which protects more mail than all other
>> email encryption technology combined. See
>
>I would dispute that - not that it isn't used and useful, but unless you
>are handing off directly to the "home" machine of the end user (or his
>direct spool) odds are good that the packet will be sent unencrypted
>somewhere along its journey. with TLS you are basically protecting a
>single link of a transmission chain, with no control over the rest of
>the chain.
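
The per-link point made in this thread can be checked on a delivered message by reading its Received trace. The following is an added example, not part of the original posts: it flags each hop as TLS or not from the "with" protocol keyword (ESMTPS and related values registered per RFC 3848). The hostnames and message are constructed, and the headers are assumed to be truthful, since each MTA self-reports its own line.

```python
import re
from email import message_from_string

# "with" keywords that indicate TLS on the hop (RFC 3848 and later IANA registrations).
TLS_WITH = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA",
            "UTF8SMTPS", "UTF8SMTPSA", "UTF8LMTPS", "UTF8LMTPSA"}

# Constructed sample: Alice's MTA hands off to the XYZ gateway over TLS,
# then two internal relays inside XYZ carry the message in cleartext.
SAMPLE = """\
Received: from spool.xyz.com.example (spool.xyz.com.example [10.0.0.7])
\tby imap.xyz.com.example with LMTP id c3; Tue, 1 Oct 2002 13:21:09 +0100
Received: from gw.xyz.com.example (gw.xyz.com.example [10.0.0.2])
\tby spool.xyz.com.example with ESMTP id b2; Tue, 1 Oct 2002 13:21:07 +0100
Received: from mail.abc.com.example (mail.abc.com.example [192.0.2.10])
\tby gw.xyz.com.example with ESMTPS id a1; Tue, 1 Oct 2002 13:21:05 +0100
From: alice@abc.com.example
To: bob@xyz.com.example
Subject: quarterly numbers

body
"""

def hop_report(raw):
    """Return [(from_host, by_host, protocol, tls?)] in transit order."""
    msg = message_from_string(raw)
    hops = []
    # Each MTA prepends its Received line, so reverse to get transit order.
    for hdr in reversed(msg.get_all("Received", [])):
        text = " ".join(hdr.split())  # unfold continuation lines
        frm = re.search(r"\bfrom\s+(\S+)", text)
        by = re.search(r"\bby\s+(\S+)", text)
        proto = re.search(r"\bwith\s+(\S+)", text)
        p = proto.group(1).upper() if proto else "UNKNOWN"
        hops.append((frm.group(1) if frm else "?",
                     by.group(1) if by else "?", p, p in TLS_WITH))
    return hops

def cleartext_hops(raw):
    """Hops whose trace line does not claim TLS (cleartext or unknown)."""
    return [h for h in hop_report(raw) if not h[3]]

if __name__ == "__main__":
    for frm, by, proto, tls in hop_report(SAMPLE):
        print(f"{frm} -> {by}: {proto} ({'TLS' if tls else 'cleartext or unknown'})")
```

Even a trace showing TLS on every hop says nothing about who can read the message at rest on each relay, which is the access-control gap the reply raises.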